Vinta's High Quality Standards

A checklist we use here at Vinta to ensure high quality software at scale Access Github Repo.
development-workflow; agile; good-practices;
Checks are saved in your local storage

Vinta's High Quality Software Standards

  • Distributed Version Control (like Git)
  • Clear README instructions covering:
    • Project setup
    • Setup common issues
    • Development
    • Tests
    • Deployment
    • Commands
    • Periodic jobs
    • Integrations
  • System Documentation
    • Complex business rules
    • Nontrivial design decisions
    • Known shortcomings
    • Third-party integrations documentation
  • Easy onboarding process (eg. Vinta's Playbook - Developer Onboarding )
  • Loosely coupled architecture. More details
  • Configuration stored in environment. More details
  • Logging standards facilitating search and protecting user data:
    • Logs are prefixed according to task/feature
    • No sensitive data is being logged
  • Small batches of work
  • Continuous testing (i.e., the process of executing automated tests as part of the software delivery pipeline)
  • Continuous integration
  • Code coverage above 80%
  • Code review standards, including frequent small PRs. More details here and here
  • Safe automated deployment pipeline, including protected Master branches
  • Deployment frequency between one day and one week
  • Lead time for changes between one day and one week s (i.e., how long it takes to go from code committed to code in production)
  • Time to restore service is less than one day
  • Change failure rate between 0-15%
  • High availability
  • Error tracking tools (eg. Sentry )
  • Monitoring tools (eg. New Relic , Librato )
  • Security
    • Destructive actions prompt confirmations
    • Follows the principle of least privilege: block resources/actions by default (whitelist when permission is needed)
    • Has static code analyzers to find security flaws (eg: eslint-plugin-security, eslint-plugin-react)
    • Has dependency vulnerability checkers in place (eg: Python safety, npm audit)
    • Promotes privacy and raises awareness on users and stakeholders
  • Development, Staging and Production environments as similar as possible, while asserting user data protecting through anonymization. More details
  • References

Yay! You completed the checklist top to bottom!
Now spread the ❤︎ by thanking the author, making improvements or creating you own checklist!